Tuesday, May 14, 2019

Acceptable Use and Behavior Policy Essay Example | Topics and Well Written Essays - 750 words

Acceptable Use and Behavior indemnity - strain ExampleTo protect confidential reading and its financial interests, the comp both has adopted a number of agreeable use and behavior policies that not sole(prenominal) enable it to mitigate the threats but also allow the employees to flexibly conduct their daily businesses without affecting the productivity. This paper discusses the physical earnest department policy, vulnerabilities, audit policy, lumber management, dodge executive policies as well as the various security incident handling procedures at Firion Company. Firion has implemented a number of physical security policies that ar primarily aimed at improving the integrity and confidentiality of the information systems that are used in the company. One of the physical security policies that is the prohibition of the use of devices such as USB drive, FireWire and rewritable CDs/DVDs on company owned assets (Wijayanayake, 2009). Additionally all the company communication systems are only required to be configured by the IT department and no modifications are allowed to both the software and hardware without the approval of the IT security team. In this regard, Firion employees, business partners, contractors and vendors are not allowed to install any software applications or hardware into any machines used by the company. Generally some of the main security vulnerabilities that are currently facing Firion include potential leakage of corporate information through removable storage devices, introduction of malicious applications into the information systems of the company and misuse of computer resources. For example, employees participating surfing social network sites may unknowingly flummox malicious content to the company systems. Audit Policy Item The audit policy item engaged by Firion Corporation is primarily designed to guide the security team to audit the companys infrastructure system and mitigate the potential vulnerabilities. It is the responsibility of the security team to ensure that all the information regarding the company which are posted over the internet are properly audited to ensure that they do not compromise the security of the company (Rudolph, 2009). For example the security team is required to constantly monitor and revaluate the system and makes the necessary patches to potential security breaches. Additionally the company also makes regular vulnerability and social engineer tests to detect potential threats to the company websites and online information. Log Management Policy Item As part of its log management policies, Firion does not allow any employee to lock their workplace computers when not in use or write down their login passwords on paper. The responsibility of creating and maintaining a secure log management infrastructure at Firion is given to the security team. For example, the security team not only performs regular log reviews and access monitor but they also ensure the privacy of s ensitive and confidential information through the use of exchange authentication credentials such as user passwords. The company has also designed role base access control regulations which ensures that the access of any employee to facilities and company data is based on their roles and therefore only employees who need particular data will be able to login and access to the data. System Administrator Policy Item According to Ferions system administrator policies, administrative rights are only reserved to the security t

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.